How far have we come with HTTPS? Google turns on the spotlight

HTTPS is widely considered one of the keys to a safer Internet, but only if it’s broadly implemented. Aiming to shed some light on how much progress has been made so far, Google on Tuesday launched a new section of its transparency report dedicated to encryption.

Included in the new section is data highlighting the progress of encryption efforts both at Google and on popular third-party sites.

“Our aim with this project is to hold ourselves accountable and encourage others to encrypt so we can make the Web even safer for everyone,” wrote HTTPS evangelists Rutledge Chin Feman and Tim Willis on the Google Security Blog.

Currently, more than 75 percent of requests to Google’s servers use encrypted connections, according to the report. The company will update that data each week to reflect progress it’s made on its own services.

“We’ve long offered Gmail, Drive and Search over HTTPS, and in the last year, we’ve begun to add traffic from more products, like ads and Blogger as well,” Feman and Willis explained. “We’re making positive strides, but we still have a ways to go.”

In addition, however, the report includes data about the HTTPS connections on many other sites as well, including Facebook, Instagram, LinkedIn, Netflix, Paypal and Pinterest. Together, Google estimates those other sites account for about 25 percent of all Web traffic.

Also included in the new report, meanwhile, is a certificate transparency log viewer that lets users and site administrators check to see who has issued a certificate for a particular website and thereby verify its legitimacy.

The Electronic Frontier Foundation has long promoted HTTPS, and with the Tor Project, it launched a dedicated browser extension in 2010.

Obstacles on the way to HTTPS implementation, however, include older hardware and software, along with resistance from some governments and organizations, Google said. The company offers a tool for webmasters to help guide their HTTPS efforts.